AVG-2029 log

Package vault
Status Fixed
Severity Medium
Type authentication bypass
Affected 1.7.1-2
Fixed 1.7.2-1
Current 1.16.1-1 [extra]
Ticket None
Created Thu Jun 3 12:26:34 2021
Issue Severity Remote Type Description
CVE-2021-32923 Medium Yes Authentication bypass
HashiCorp Vault before version 1.7.2 allowed the renewal of nearly- expired token leases and dynamic secret leases (specifically, those within 1 second of...